Skip to content

blackcodersec/exploit-cve

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
demo
demo
 
 
CVE-2024-39713.py
CVE-2024-39713.py
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

CVE-2024-39713: Rocket.Chat SSRF PoC

Description

A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1.

Links:

Usage

pip install -r requirements.txt
python3 CVE-2024-39713.py -u [Rocket.Chat URL] -t [SSRF target]

nuclei -t CVE-2024-39713.yaml -u [Rocket.Chat URL]

Demo

Disclaimer

This Proof of Concept is provided for educational and research purposes only. It is intended to help security professionals, developers, and researchers understand and mitigate vulnerabilities.

The author is not responsible for any misuse, damage, or legal consequences resulting from the use of this PoC.

About

CVE-2024-39713 (Rocket.Chat Blind SSRF vulnerability)

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages